package com.fg.cloud.framework.shiro.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.fg.cloud.common.finals.UserType;
import com.fg.cloud.common.shiro.CustomLoginToken;
import com.fg.cloud.common.shiro.ShiroUser;
import com.fg.cloud.common.shiro.UserUtils;
import com.fg.cloud.manager.entry.system.vo.SystemUserVo;
import com.fg.cloud.manager.service.system.SystemUserService;

/**
 * Description:系统平台自定义shiro认证模块
 * @author dingjiang
 * @date 2017年10月19日上午10:38:16
 */
public class SystemRealm extends AuthorizingRealm{
	
	private static Logger LOGGER = LoggerFactory.getLogger(SystemRealm.class);
	
	@Autowired
    private SystemUserService shiro_systemUser;
	
	@Override
	public String getName() {
		return UserType.SYSTEM;
	}

	/**
	 * 登录验证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		LOGGER.info("Shiro-system登录认证");
		CustomLoginToken token = (CustomLoginToken)authcToken;
		token.setRememberMe(true);//2017-10-20 09:29
		SystemUserVo user = shiro_systemUser.selectUserByUserName(token.getUsername());
		
		//账号不存在
        if (user == null) {
            throw new UnknownAccountException();
        }
        //密码错误
        /*System.out.println("我输入的密码加密后是："+String.valueOf(token.getPassword()));
        System.out.println("shiro查出的密码是："+user.getPassword());*/
        if (!String.valueOf(token.getPassword()).equals(user.getPassword())) {
        	throw new IncorrectCredentialsException();
        }
        //账号未启用
        if ( 1 != user.getStatus() ) {
        	throw new DisabledAccountException();
        }
        
        ShiroUser shiroUser = new ShiroUser(user.getId(), user.getUserName(), null, getName());
        user.setType(getName());
        setCurrentUser(user);
		return new SimpleAuthenticationInfo(shiroUser, token.getPassword(), getName());
	}
	
	/**
	 * 权限管理
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//校验正确的当前用户
		if (!principals.getRealmNames().contains(getName())) return null;
		
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		info.addRole(UserType.SYSTEM);

		return info;
	}
	
	
	private void setCurrentUser(Object user){
        UserUtils.setCurrentUser(user);
    }
	
    @Override
	protected void clearCache(PrincipalCollection principals) {
		super.clearCache(principals);
	}
	
	@Override
	protected void clearCachedAuthenticationInfo(PrincipalCollection principals) {
		super.clearCachedAuthenticationInfo(principals);
	}
	
	@Override
	protected void clearCachedAuthorizationInfo(PrincipalCollection principals) {
		super.clearCachedAuthorizationInfo(principals);
	}

}
